oxidized 0.31.0 → 0.32.0

data/docs/Model-Notes/FSOS.md

@@ -7,6 +7,7 @@ This has been tested against the following models and OS versions
 |S3400-48T4SP        |Version 2.0.2J Build 81736    |
 |S3400-48T4SP        |Version 2.0.2J Build 95262    |
 |S3400-48T6SP        |Version 2.2.0F Build 109661   |
+|S3400-48T4SP        |Version 2.0.2J Build 120538   |
 |S3410-24TS-P        |S3410_FSOS 11.4(1)B74S5       |
 |S5850-48T4Q         |Version 7.0.4.34              |
 |S5800-48MBQ         |Version 7.0.4.21              |

data/docs/ModelUnitTests.md

@@ -0,0 +1,186 @@
+# Model Unit Tests
+Oxidized includes automated unit tests for its models, which require very little
+effort to use. There are three different default unit tests for models:
+- [Device Simulation](ModelUnitTests.md#device-simulation)
+- [Device Prompt](ModelUnitTests.md#device-prompt)
+- [Secrets](ModelUnitTests.md#secrets)
+
+You only need to provide test files under [/spec/model/data](/spec/model/data),
+and the tests will be run automatically with `rake test`. See
+[CONTRIBUTING.md](/CONTRIBUTING.md) for explanations on how to set up a
+development environment. In the following examples, we use
+[Bundler](https://bundler.io/) and prefix all commands with `bundle exec`.
+
+In addition, you can write [custom unit tests](ModelUnitTests.md#custom-tests)
+for your model
+
+## Device Simulation
+### YAML Simulation File
+You need a [YAML simulation file](/docs/DeviceSimulation.md) for your device.
+See the link for instructions on how to produce it.
+
+The YAML simulation files are stored under
+[/spec/model/data/](/spec/model/data/), with the naming convention
+`<model>:<description>:simulation.yaml`, where `<model>` is the lowercase name
+of the Oxidized model and `<description>` is the name of the test case.
+`<description>` is generally formatted as `<hardware>_<software>` or
+`<hardware>_<software>_<information>`.
+
+Using a correct name for the file is important to ensure it is included in
+automatic model unit tests.
+
+### Expected Output
+You need a second file that contains the expected output, which has the same
+name as the YAML simulation file but ends with `:output.txt` instead of
+`:simulation.yaml`.
+
+You can automatically produce an output file based on the current model for all
+YAML simulation files missing an `:output.txt`:
+```shell
+bundle exec ruby spec/model/atoms_generate.rb
+```
+
+In the following example,
+`spec/model/data/aoscx:R8N85A-C6000-48G-CL4_PL.10.08.1010:output.txt` (the
+second file in the list) was missing:
+
+```shell
+oxidized$ bundle exec ruby spec/model/atoms_generate.rb
+Run options: --seed 57811
+
+# Running:
+
+Generating output file for aoscx:R0X25A-6410_FL.10.10.1100:simulation... SKIP, output already exists
+Generating output file for aoscx:R8N85A-C6000-48G-CL4_PL.10.08.1010:simulation... OK
+Generating output file for arubainstant:IAP515_8.10.0.6_VWLC:simulation... SKIP, output already exists
+Generating output file for asa:5512_9.12-4-67_single-context:simulation... SKIP, output already exists
+Generating output file for garderos:R7709_003_006_068:simulation... SKIP, output already exists
+Generating output file for ios:C8200L_16.12.1:simulation... FAIL, no simulation file
+Generating output file for ios:C9200L-24P-4G_17.09.04a:simulation... SKIP, output already exists
+Generating output file for ios:C9800-L-F-K9_17.06.05:simulation... SKIP, output already exists
+Generating output file for ios:asr920_16.8.1b:simulation... SKIP, output already exists
+Generating output file for junos:srx300_22.4:simulation... SKIP, output already exists
+Generating output file for opnsense:nano_23.7:simulation... SKIP, output already exists
+Generating output file for pfsense:CE_2.7.2:simulation... SKIP, output already exists
+Generating output file for routeros:CHR_7.10.1:simulation... SKIP, output already exists
+Generating output file for routeros:CHR_7.16:simulation... SKIP, output already exists
+Generating output file for routeros:L009UiGS_7.15.2:simulation... SKIP, output already exists
+.
+
+Finished in 0.904792s, 1.1052 runs/s, 0.0000 assertions/s.
+
+1 runs, 0 assertions, 0 failures, 0 errors, 0 skips
+Coverage report generated for RSpec to /home/xxx/oxidized/coverage/coverage.xml. 651 / 1122 LOC (58.02%) covered
+Coverage report generated for RSpec to /home/xxx/oxidized/coverage.
+Line Coverage: 58.02% (651 / 1122)
+```
+
+### Running the Tests
+You can modify the `:output.txt` file to match your expectations and modify the
+model accordingly. Run `bundle exec rake` to run the tests.
+
+Here is an example when the output of the VTP command is missing in the expected
+output:
+
+```
+oxidized$ bundle exec rake test
+/usr/bin/ruby3.1 -I"lib:spec" /home/xxx/oxidized/vendor/bundle/ruby/3.1.0/gems/rake-13.2.1/lib/rake/rake_test_loader.rb "spec/cli_spec.rb" "spec/config_spec.rb" "spec/hook/githubrepo_spec.rb" "spec/input/ssh_spec.rb" "spec/manager_spec.rb" "spec/model/apc_aos_spec.rb" "spec/model/model_atoms_spec.rb" "spec/model/model_helper_spec.rb" "spec/node_spec.rb" "spec/nodes_spec.rb" "spec/output/file_spec.rb" "spec/output/git_spec.rb" "spec/refinements_spec.rb" "spec/source/csv_spec.rb" "spec/source/http_spec.rb" "spec/source/jsonfile_spec.rb" "spec/source/sql_spec.rb"
+Run options: --seed 31447
+
+# Running:
+
+...............................................................SS..................F.............................SS..
+
+Finished in 7.963602s, 14.6918 runs/s, 48.7217 assertions/s.
+
+  1) Failure:
+ATOMS tests#test_0006_ios:C9200L-24P-4G_17.09.04a:output has expected output [spec/model/model_atoms_spec.rb:12]:
+--- expected
++++ actual
+@@ -9,6 +9,21 @@
+ ! CPU: ARM64
+ ! Memory: nvram 2048K
+ !
++! VTP: VTP Version capable             : 1 to 3
++! VTP: VTP version running             : 1
++! VTP: VTP Domain Name                 : Oxidized
++! VTP: VTP Pruning Mode                : Disabled (Operationally Disabled)
++! VTP: VTP Traps Generation            : Disabled
++! VTP: Device ID                       : 40f0.7800.0000
++! VTP: Feature VLAN:
++! VTP: --------------
++! VTP: VTP Operating Mode                : Transparent
++! VTP: Maximum VLANs supported locally   : 1005
++! VTP: Number of existing VLANs          : 10
++! VTP: Configuration Revision            : 0
++! VTP: MD5 digest                        : 0x35 0x00 0x00 0x00 0x00 0x00 0x7F 0xB4
++! VTP:                                     0x07 0x00 0x00 0x00 0x00 0x00 0x09 0x6D
++!
+ ! NAME: \"c92xxL Stack\", DESCR: \"c92xxL Stack\"
+ ! PID: C9200L-24P-4G     , VID: V01  , SN: JAE24FFFFFF
+ !
+
+
+117 runs, 388 assertions, 1 failures, 0 errors, 4 skips
+
+You have skipped tests. Run with --verbose for details.
+Coverage report generated for RSpec to /home/xxx/oxidized/coverage/coverage.xml. 2167 / 3131 LOC (69.21%) covered
+Coverage report generated for RSpec to /home/xxx/oxidized/coverage.
+Line Coverage: 69.21% (2167 / 3131)
+rake aborted!
+Command failed with status (1): [ruby -I"lib:spec" /home/xxx/oxidized/vendor/bundle/ruby/3.1.0/gems/rake-13.2.1/lib/rake/rake_test_loader.rb "spec/cli_spec.rb" "spec/config_spec.rb" "spec/hook/githubrepo_spec.rb" "spec/input/ssh_spec.rb" "spec/manager_spec.rb" "spec/model/apc_aos_spec.rb" "spec/model/model_atoms_spec.rb" "spec/model/model_helper_spec.rb" "spec/node_spec.rb" "spec/nodes_spec.rb" "spec/output/file_spec.rb" "spec/output/git_spec.rb" "spec/refinements_spec.rb" "spec/source/csv_spec.rb" "spec/source/http_spec.rb" "spec/source/jsonfile_spec.rb" "spec/source/sql_spec.rb" ]
+/home/xxx/oxidized/vendor/bundle/ruby/3.1.0/gems/rake-13.2.1/exe/rake:27:in `<top (required)>'
+Tasks: TOP => test
+(See full trace by running task with --trace)
+```
+
+If you want to be sure that your model has been tested, run
+`bundle exec rake test TESTOPTS="--verbose"` and search for your models unter
+`ATOMS tests`
+
+## Device Prompt
+You can specify device prompts to test in a YAML file named
+`spec/model/data/<model>:generic:prompt.yaml`.
+
+The YAML file has three sections containing a list of prompts to test:
+- pass: these prompts will pass the prompt regexp.
+- pass_with_expect: these prompts will pass the prompt regexp after having been
+  cleaned by the expect commands.
+- fail: these prompts will fail the prompt regexp.
+
+Here is an example:
+```yaml
+pass:
+  - "LAB-R1234_Garderos# "
+pass_with_expect:
+  - "\e[4m\rLAB-R1234_Garderos#\e[m "
+fail:
+  - "\e[4m\rLAB-R1234_Garderos#\e[m "
+  - "#LAB#"
+```
+
+## Secrets
+You can test if the model effectively removes secrets from your YAML simulation
+file with a YAML file named like the YAML simulation, but with the suffix
+`:secret.yaml`.
+
+The YAML file has two sections containing a list of strings to test:
+- fail: the test will fail if the output contains these strings.
+- pass: the test will pass only if the output contains these strings.
+
+```yaml
+fail:
+  - 'AAAAAAAAAABBBBBBBBBBCCCCCCCCCC'
+pass:
+  - 'snmp-server host 10.10.42.12 version 2c <secret removed> inform'
+  - 'hash-mgmt-user oxidized password hash <secret removed>'
+  - 'hash-mgmt-user rocks password hash <secret removed> usertype read-only'
+```
+
+## Custom tests
+When you write custom tests for your models, please do not use the filenames
+mentioned above, as it will interfere with the standard tests. If you need to
+store a custom simulation file, use `model:description:custom_simulation.yaml`.
+
+The [cumulus test](/spec/model/cumulus_spec.rb) is an example of a custom
+test.

data/docs/Supported-OS-Types.md

@@ -8,8 +8,8 @@
 |AddPack             |AddPack                       |[addpack](/lib/oxidized/model/addpack.rb)
 |Adtran              |Total Access (AOS)            |[adtran](/lib/oxidized/model/adtran.rb)
 |                    |ADVA                          |[adva](/lib/oxidized/model/adva.rb)              |                 |[ADVA](Model-Notes/ADVA.md)
-|Alcatel-Lucent      |AOS                           |[aos](/lib/oxidized/model/aos.rb)
-|                    |AOS7                          |[aos7](/lib/oxidized/model/aos7.rb)
+|Alcatel-Lucent      |AOS                           |[aos](/lib/oxidized/model/aos.rb)                |                 |AOS6 - vxworks-based
+|                    |AOS7                          |[aos7](/lib/oxidized/model/aos7.rb)              |                 |AOS7 and AOS8 - linux-based
 |                    |ISAM                          |[isam](/lib/oxidized/model/isam.rb)
 |                    |SR OS (Formerly TiMOS)        |[sros](/lib/oxidized/model/sros.rb)
 |                    |Wireless                      |[aosw](/lib/oxidized/model/aosw.rb)              |                 |Same model as Aruba Wireless
@@ -175,6 +175,7 @@
 |                    |NSX Distributed Firewall      |[nsxdfw](/lib/oxidized/model/nsxdfw.rb)
 |Watchguard          |Fireware OS                   |[firewareos](/lib/oxidized/model/firewareos.rb)
 |Westell             |Westell 8178G, Westell 8266G  |[weos](/lib/oxidized/model/weos.rb)
+|Yadro               |KornfeldOS                    |[kornfeldos](/lib/oxidized/model/kornfeldos.rb) 
 |YAMAHA              |YAMAHA NVR/RTX Series         |[yamaha](/lib/oxidized/model/yamaha.rb)
 |Zhone               |Zhone (OLT and MX)            |[zhoneolt](/lib/oxidized/model/zhoneolt.rb)
 |ZPE                 |Nodegrid OS                   |[nodegrid](/lib/oxidized/model/nodegrid.rb)

data/examples/podman-compose/Makefile

@@ -71,8 +71,7 @@ images: model-image gitserver-image oxidized-image
 
 # build the oxidized image from the curent repository
 oxidized-image:
-	podman image exists local/oxidized || \
-	  podman build -t local/oxidized ../../
+	  podman build -t oxidized:`git describe --tags` -t oxidized:latest ../../
 
 # removes the oxidized image
 oxidized-image-clean:

data/{examples/device-simulation → extra}/device2yaml.rb

@@ -8,6 +8,7 @@ require 'timeout'
 
 # This scripts logs in a network device and outputs a yaml file that can be
 # used for model unit tests in spec/model/
+# For more information, see docs/DeviceSimulation.md
 
 # This script is quick & dirty - it grew with the time an could be a project
 # for its own. It works, and that should be enough ;-)
@@ -113,15 +114,29 @@ end
 # Define options
 options = {}
 optparse = OptionParser.new do |opts|
-  opts.banner = "Usage: device2yaml.rb [user@]host [options]"
+  opts.banner = <<~HEREDOC
+    Usages:
+    - device2yaml.rb [user@]host -i file [options]
+    - device2yaml.rb [user@]host -c "command1
+      command2
+      command3" [options]
 
-  opts.on('-c', '--cmdset file', 'Mandatory: specify the commands to be run') do |file|
-    options[:cmdset] = file
+    -i and -c are mutualy exclusive, one must be specified
+
+    [options]:
+  HEREDOC
+
+  opts.on('-c', '--commands "command list"', 'specify the commands to be run') do |cmds|
+    options[:commands] = cmds
+  end
+  opts.on('-i', '--input file', 'Specify an input file for commands to be run') do |file|
+    options[:input] = file
   end
   opts.on('-o', '--output file', 'Specify an output YAML-file') do |file|
     options[:output] = file
   end
-  opts.on('-t', '--timeout value', Integer, 'Specify the idle timeout beween commands (default: 5 seconds)') do |timeout|
+  opts.on('-t', '--timeout value', Integer,
+          'Specify the idle timeout beween commands (default: 5 seconds)') do |timeout|
     options[:timeout] = timeout
   end
   opts.on('-e', '--exec-mode', 'Run ssh in exec mode (without tty)') { @exec_mode = true }
@@ -151,14 +166,22 @@ end
 optparse.parse!
 
 # Get the commands to be run against ssh_host
-unless options[:cmdset]
-  puts 'Missing a command set, use option -c'
+# ^ = xor = exclusive or
+unless options[:commands].nil? ^ options[:input].nil?
+  puts "Please provide commands to be run against #{ssh_host} with either option -c or -i"
   puts
   puts optparse
   exit 1
 end
-# make an array of commands to send, ignore empty lines
-ssh_commands = File.read(options[:cmdset]).split(/\n+|\r+/)
+
+if options[:commands]
+  ssh_commands = []
+  options[:commands].each_line(chomp: true) { |command| ssh_commands << command }
+elsif options[:input]
+  ssh_commands = File.read(options[:input]).split(/\n+|\r+/)
+end
+
+puts "Running #{ssh_commands} on #{ssh_user}@#{ssh_host}"
 
 # Defaut idle timeout: 5 seconds, as tests showed that 2 seconds is too short
 @idle_timeout = options[:timeout] || 5
@@ -209,7 +232,7 @@ else
   yaml_output '  '
 end
 
-@output&.puts "commands:"
+@output&.puts 'commands:'
 
 begin
   ssh_commands.each do |cmd|
@@ -219,7 +242,4 @@ rescue Errno::ECONNRESET, Net::SSH::Disconnect, IOError => e
   puts "### Connection closed with message: #{e.message}"
 end
 
-@output&.puts 'oxidized_output: |'
-@output&.puts '  !! needs to be written by hand or copy & paste from model output'
-
 cleanup

data/extra/gitdiff-msteams.sh

@@ -15,12 +15,31 @@
 #    timeout: 120
 #
 # Add webhook to your MS Teams channel and set the next variable to the full url
+# If INCLUDE_GITHUB_LINK is set to true, there will be a button that links to GITURL in the bottom of each teams post. the commit id is added at the end of the url.
+# MAXSIZE is set to respect the 28 KB limit for teams webhooks, but you might need to change it if you modify the Adaptive Card
 
 weburl="https://contoso.webhook.office.com/webhookb2/etc etc etc"
+GITURL="https://github.example.com/My-org/oxidized/commit/"
+INCLUDE_GITHUB_LINK=false
+# Max size for summary text.
+MAXSIZE=24500
+
+if [ "$INCLUDE_GITHUB_LINK" = true ]; then
+  github_action=",
+            { \"type\": \"ActionSet\",
+              \"actions\":
+               [
+                 {
+                 \"type\": \"Action.OpenUrl\",
+                 \"title\": \"Click to see diff in github\",
+                 \"url\": \"${GITURL}${OX_REPO_COMMITREF}\"
+                 }
+               ]
+             }"
+fi
 
 postdata()
 {
-    COMMIT=$(git --bare --git-dir="${OX_REPO_NAME}" show --pretty='' --no-color "${OX_REPO_COMMITREF}" | jq --raw-input --slurp --compact-output)
     cat <<EOF
 {
    "type":"message",
@@ -77,7 +96,7 @@ postdata()
                             "size": "small"
                         }
                     ]
-                }
+                }${github_action}
            ]
          }
       }
@@ -86,6 +105,14 @@ postdata()
 EOF
 }
 
-curl -i \
--H "Content-Type: application/json" \
--X POST --data "$(postdata)" "${weburl}"
+COMMIT=$(git --bare --git-dir="${OX_REPO_NAME}" show --pretty='' --no-color "${OX_REPO_COMMITREF}" | jq --raw-input --slurp --compact-output)
+URL=""
+
+size=$(postdata | wc -c)
+if [ "$size" -gt "$MAXSIZE" ]; then
+  COMMIT=$(git --bare --git-dir="${OX_REPO_NAME}" show --pretty='' --no-color "${OX_REPO_COMMITREF}" | head -c $MAXSIZE)
+  COMMIT+="$NEWLINE...$NEWLINE Shortened because of length"
+  COMMIT=$(echo "${COMMIT}" | jq --raw-input --slurp --compact-output )
+fi
+
+curl -i -H "Content-Type: application/json" -X POST --data "$(postdata)" "${weburl}"

data/extra/nagios_check_failing_nodes.rb

@@ -10,7 +10,7 @@ pending = false
 critical_nodes = []
 pending_nodes = []
 
-json = JSON.parse(open("http://localhost:8888/nodes.json").read)
+json = JSON.parse(URI("http://localhost:8888/nodes.json").open(&:read))
 json.each do |node|
   next if !ARGV.empty? && (ARGV[0] != node['name'])
 

data/extra/rest_client.rb

@@ -6,7 +6,7 @@ module Oxidized
     require 'asetus'
 
     class Config
-      Root = Root = ENV['OXIDIZED_HOME'] || File.join(Dir.home, '.config', 'oxidized')
+      Root = ENV['OXIDIZED_HOME'] || File.join(Dir.home, '.config', 'oxidized')
     end
 
     CFGS = Asetus.new name: 'oxidized', load: false, key_to_s: true

data/lib/oxidized/config.rb

@@ -19,7 +19,7 @@ module Oxidized
       cfgfile = cmd_opts[:config_file] || 'config'
       # configuration file with full path as a class instance variable
       @configfile = File.join(usrdir, cfgfile)
-      asetus = Asetus.new(name: 'oxidized', load: false, key_to_s: true, usrdir: usrdir, cfgfile: cfgfile)
+      asetus = Asetus.new(name: 'oxidized', load: false, usrdir: usrdir, cfgfile: cfgfile)
       Oxidized.asetus = asetus
 
       asetus.default.username      = 'username'

data/lib/oxidized/input/ssh.rb

@@ -18,10 +18,14 @@ module Oxidized
 
     def connect(node)
       @node        = node
-      @output      = ''
+      @output      = String.new('')
       @pty_options = { term: "vt100" }
       @node.model.cfg['ssh'].each { |cb| instance_exec(&cb) }
-      @log = File.open(Oxidized::Config::LOG + "/#{@node.ip}-ssh", 'w') if Oxidized.config.input.debug?
+      if Oxidized.config.input.debug?
+        logfile = Oxidized::Config::LOG + "/#{@node.ip}-ssh"
+        @log = File.open(logfile, 'w')
+        Oxidized.logger.debug "lib/oxidized/input/ssh.rb: I/O Debuging to #{logfile}"
+      end
 
       Oxidized.logger.debug "lib/oxidized/input/ssh.rb: Connecting to #{@node.name}"
       @ssh = Net::SSH.start(@node.ip, @node.auth[:username], make_ssh_opts)
@@ -41,7 +45,11 @@ module Oxidized
     end
 
     def cmd(cmd, expect = node.prompt)
-      Oxidized.logger.debug "lib/oxidized/input/ssh.rb #{cmd} @ #{node.name} with expect: #{expect.inspect}"
+      Oxidized.logger.debug "lib/oxidized/input/ssh.rb #{cmd.dump} @ #{node.name} with expect: #{expect.inspect}"
+      if Oxidized.config.input.debug?
+        @log.puts "sent #{cmd.dump}"
+        @log.flush
+      end
       cmd_output = if @exec
                      @ssh.exec! cmd
                    else
@@ -78,7 +86,7 @@ module Oxidized
       @ses = ssh.open_channel do |ch|
         ch.on_data do |_ch, data|
           if Oxidized.config.input.debug?
-            @log.print data
+            @log.puts "received #{data.dump}"
             @log.flush
           end
           @output << data
@@ -101,7 +109,7 @@ module Oxidized
     end
 
     def cmd_shell(cmd, expect_re)
-      @output = ''
+      @output = String.new('')
       @ses.send_data cmd + "\n"
       @ses.process
       expect expect_re if expect_re

data/lib/oxidized/model/aos7.rb

@@ -4,6 +4,8 @@ class AOS7 < Oxidized::Model
   # Alcatel-Lucent Operating System Version 7 (Linux based)
   # used in OmniSwitch 6900/10k
 
+  prompt /^([\w.@-]+ ?[#>]\s?)$/
+
   comment  '! '
 
   cmd :all do |cfg, cmdstring|

data/lib/oxidized/model/aosw.rb

@@ -117,7 +117,7 @@ class AOSW < Oxidized::Model
       next if line =~ /Output \d Config/i
       next if line =~ /(Tachometers|Temperatures|Voltages)/
       next if line =~ /((Card|CPU) Temperature|Chassis Fan|VMON1[0-9])/
-      next if line =~ /[0-9]+\s+(RPMS?|m?V|C)/i
+      next if line =~ /[0-9]+\s+(RPMS?|m?V|C|W)/i
 
       out << line.strip
     end

data/lib/oxidized/model/apc_aos.rb

@@ -6,6 +6,6 @@ class Apc_aos < Oxidized::Model # rubocop:disable Naming/ClassAndModuleCamelCase
     cfg
   end
 
-  cfg :ftp do
+  cfg :ftp, :scp do
   end
 end

data/lib/oxidized/model/arubainstant.rb

@@ -4,7 +4,7 @@ class ArubaInstant < Oxidized::Model
   # Aruba IAP, Instant Controller
 
   comment '# '
-  prompt(/^[\w\:.@-]+[#>] $/)
+  prompt(/^ ?[\w\:.@-]+[#>] $/)
 
   cmd :all do |cfg|
     # Remove command echo and prompt

data/lib/oxidized/model/asa.rb

@@ -15,7 +15,7 @@ class ASA < Oxidized::Model
     cfg.gsub! /enable password (\S+) (.*)/, 'enable password <secret hidden> \2'
     cfg.gsub! /^passwd (\S+) (.*)/, 'passwd <secret hidden> \2'
     cfg.gsub! /username (\S+) password (\S+) (.*)/, 'username \1 password <secret hidden> \3'
-    cfg.gsub! /(ikev[12] ((remote|local)-authentication )?pre-shared-key) (\S+)/, '\1 <secret hidden>'
+    cfg.gsub! /(ikev[12] ((remote|local)-authentication )?pre-shared-key( hex)?) (\S+)/, '\1 <secret hidden>'
     cfg.gsub! /^(aaa-server TACACS\+? \(\S+\) host[^\n]*\n(\s+[^\n]+\n)*\skey) \S+$/mi, '\1 <secret hidden>'
     cfg.gsub! /^(aaa-server \S+ \(\S+\) host[^\n]*\n(\s+[^\n]+\n)*\s+key) \S+$/mi, '\1 <secret hidden>'
     cfg.gsub! /ldap-login-password (\S+)/, 'ldap-login-password <secret hidden>'
@@ -38,6 +38,7 @@ class ASA < Oxidized::Model
     cfg = cfg.join
     cfg.gsub! /^Configuration has not been modified since last system restart.*\n/, ''
     cfg.gsub! /^Configuration last modified by.*\n/, ''
+    cfg.gsub! /^Start-up time.*\n/, ''
     comment cfg
   end
 

data/lib/oxidized/model/asyncos.rb

@@ -2,7 +2,7 @@ class AsyncOS < Oxidized::Model
   using Refinements
 
   # ESA prompt "(mail.example.com)> " or "mail.example.com> "
-  prompt /^\r*([(]?[\w. ]+[)]?[#>]\s+)$/
+  prompt /^\r*\(?[\w.\- ]+\)?[#>]\s+$/
   comment '! '
 
   # Select passphrase display option

data/lib/oxidized/model/cumulus.rb

@@ -1,7 +1,19 @@
 class Cumulus < Oxidized::Model
   using Refinements
 
-  prompt /^(([\w.-]*)@(.*)):/
+  # Remove ANSI escape codes
+  expect /\e\[[0-?]*[ -\/]*[@-~]\r?/ do |data, re|
+    data.gsub re, ''
+  end
+
+  # The prompt contains ANSI escape codes, which have already been removed
+  # from the expect call above
+  # ^                 : match begin of line, to have the most specific prompt
+  # [\w.-]+@[\w.-]+   : user@hostname
+  # (:mgmt)?          : optional when logged in out of band
+  # :~[#$] $          : end of prompt, containing the linux path,
+  #                     which is always "~" in our context
+  prompt /^[\w.-]+@[\w.-]+(:mgmt)?:~[#$] $/
   comment '# '
 
   # add a comment in the final conf
@@ -79,7 +91,9 @@ class Cumulus < Oxidized::Model
       cfg += cmd 'cat /etc/cumulus/switchd.conf'
 
       cfg += add_comment 'PORTS'
-      cfg += cmd 'cat /etc/cumulus/ports.conf'
+      # in some configurations, ports.conf has no trailing Line Feed,
+      # which breaks the prompt, so we add one
+      cfg += cmd "cat /etc/cumulus/ports.conf; echo"
 
       cfg += add_comment 'TRAFFIC'
       cfg += cmd 'cat /etc/cumulus/datapath/traffic.conf'

data/lib/oxidized/model/enterprise_sonic.rb

@@ -0,0 +1,46 @@
+class Enterprise_SONiC < Oxidized::Model # rubocop:disable Naming/ClassAndModuleCamelCase
+  using Refinements
+
+  # Remove ANSI escape codes
+  expect /\e\[[0-?]*[ -\/]*[@-~]\r?/ do |data, re|
+    data.gsub re, ''
+  end
+
+  # Matches both sonic-cli and linux terminal
+  prompt /^(?:[\w.-]+@[\w.-]+:[~\w\/-]+\$|[\w.-]+#)\s*/
+  comment "# "
+
+  def add_comment(comment)
+    "\n##### #{comment} #####\n"
+  end
+
+  post do
+    cmd 'show running-configuration' do |cfg|
+      add_comment('CONFIGURATION') + cfg
+    end
+  end
+
+  cmd 'show version' do |cfg|
+    cfg = cfg.each_line.reject { |line| line.match /Uptime/ }.join
+    add_comment('VERSION') + cfg
+  end
+
+  cmd 'show platform syseeprom' do |cfg|
+    add_comment('SYSEEPROM') + cfg
+  end
+
+  cmd :all do |cfg|
+    cfg.cut_both
+  end
+
+  cfg :ssh do
+    # if user logs in to linux == has admin rights
+    if vars(:admin) == true
+      post_login do
+        cmd "sonic-cli\n"
+      end
+    end
+    post_login 'terminal length 0'
+    pre_logout 'exit'
+  end
+end

data/lib/oxidized/model/fsos.rb

@@ -2,6 +2,7 @@ class FSOS < Oxidized::Model
   # Fiberstore / fs.com
   using Refinements
   comment '! '
+  prompt /^([\w.@()-]+[#>]\s?)$/
 
   # Handle paging
   expect /^ --More--.*$/ do |data, re|
@@ -13,6 +14,9 @@ class FSOS < Oxidized::Model
     cfg.gsub! /(secret \w+) (\S+).*/, '\\1 <secret hidden>'
     cfg.gsub! /(password \d+) (\S+).*/, '\\1 <secret hidden>'
     cfg.gsub! /(snmp-server community \d+) (\S+).*/, '\\1 <secret hidden>'
+    cfg.gsub! /^(snmp-server host \S+( udp-port \d+)?( permit|deny \d+)?( informs?)?( traps?)?(( version v3 (priv|auth|noauth))|( version (v1|v2c))?)) +\S+( .*)?$*/, '\\1 <secret hidden>'
+    cfg.gsub! /^(snmp-server user \S+ \S+ v3( priv (des|aes128|aes256|aes256-c))?( auth (md5|sha|sha256) \d+)) +\S+( .*)?$*/, '\\1 <secret hidden>'
+    cfg.gsub! /^(.*key \d+) (\S+).*/, '\\1 <secret hidden>'
     cfg
   end
 
@@ -37,7 +41,7 @@ class FSOS < Oxidized::Model
   cfg :telnet, :ssh do
     post_login 'enable'
     post_login 'terminal length 0'
-    post_login 'terminal width 256'
+    post_login 'terminal width 512'
     pre_logout 'exit'
     pre_logout 'exit'
   end

data/lib/oxidized/model/garderos.rb

@@ -4,12 +4,12 @@ class Garderos < Oxidized::Model
   # Routers for harsh environments
   # grs = Garderos Router Software
 
-  # remove all ANSI escape codes, as GRS uses them :-(
-  # the prompt does not need to match escape codes, as they have been removed
-  expect /\e\[\d*m\r?/ do |data, re|
+  # Remove ANSI escape codes
+  expect /\e\[[0-?]*[ -\/]*[@-~]\r?/ do |data, re|
     data.gsub re, ''
   end
 
+  # the prompt does not need to match escape codes, as they have been removed above
   prompt /[\w-]+# /
   comment '# '
 
@@ -29,7 +29,7 @@ class Garderos < Oxidized::Model
   # If we have a radio modem installed, we'd like to list the SIM Card
   cmd 'show hardware wwan wwan0 sim' do |cfg|
     if cfg.start_with? 'Unknown command'
-      ''
+      String.new('')
     else
       comment "#{cfg}\n"
     end

data/lib/oxidized/model/junos.rb

@@ -26,7 +26,7 @@ class JunOS < Oxidized::Model
   end
 
   post do
-    out = ''
+    out = String.new('')
     case @model
     when 'mx960'
       out << cmd('show chassis fabric reachability') { |cfg| comment cfg }